aboutsummaryrefslogtreecommitdiffstatshomepage
path: root/OpenSim/Framework/ACL.cs
diff options
context:
space:
mode:
authorlbsa712007-10-31 07:28:23 +0000
committerlbsa712007-10-31 07:28:23 +0000
commit064404ab409ddd0a3b25027a98582696295c46fd (patch)
treebd84ec2e23930f76e7cc81c8529ef71936c86dd9 /OpenSim/Framework/ACL.cs
parentmade illogical bitwise operations logical (diff)
downloadopensim-SC-064404ab409ddd0a3b25027a98582696295c46fd.zip
opensim-SC-064404ab409ddd0a3b25027a98582696295c46fd.tar.gz
opensim-SC-064404ab409ddd0a3b25027a98582696295c46fd.tar.bz2
opensim-SC-064404ab409ddd0a3b25027a98582696295c46fd.tar.xz
* Moved OpenSim/Framework/General to OpenSim/Framework for great justice.
Diffstat (limited to 'OpenSim/Framework/ACL.cs')
-rw-r--r--OpenSim/Framework/ACL.cs263
1 files changed, 263 insertions, 0 deletions
diff --git a/OpenSim/Framework/ACL.cs b/OpenSim/Framework/ACL.cs
new file mode 100644
index 0000000..8f9c6e7
--- /dev/null
+++ b/OpenSim/Framework/ACL.cs
@@ -0,0 +1,263 @@
1/*
2* Copyright (c) Contributors, http://opensimulator.org/
3* See CONTRIBUTORS.TXT for a full list of copyright holders.
4*
5* Redistribution and use in source and binary forms, with or without
6* modification, are permitted provided that the following conditions are met:
7* * Redistributions of source code must retain the above copyright
8* notice, this list of conditions and the following disclaimer.
9* * Redistributions in binary form must reproduce the above copyright
10* notice, this list of conditions and the following disclaimer in the
11* documentation and/or other materials provided with the distribution.
12* * Neither the name of the OpenSim Project nor the
13* names of its contributors may be used to endorse or promote products
14* derived from this software without specific prior written permission.
15*
16* THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS AS IS AND ANY
17* EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
18* WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
19* DISCLAIMED. IN NO EVENT SHALL THE CONTRIBUTORS BE LIABLE FOR ANY
20* DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
21* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
22* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
23* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
24* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
25* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
26*
27*/
28using System;
29using System.Collections.Generic;
30
31namespace OpenSim.Framework
32{
33 // ACL Class
34 // Modelled after the structure of the Zend ACL Framework Library
35 // with one key difference - the tree will search for all matching
36 // permissions rather than just the first. Deny permissions will
37 // override all others.
38
39 #region ACL Core Class
40
41 /// <summary>
42 /// Access Control List Engine
43 /// </summary>
44 public class ACL
45 {
46 private Dictionary<string, Role> Roles = new Dictionary<string, Role>();
47 private Dictionary<string, Resource> Resources = new Dictionary<string, Resource>();
48
49 public ACL AddRole(Role role)
50 {
51 if (Roles.ContainsKey(role.Name))
52 throw new AlreadyContainsRoleException(role);
53
54 Roles.Add(role.Name, role);
55
56 return this;
57 }
58
59 public ACL AddResource(Resource resource)
60 {
61 Resources.Add(resource.Name, resource);
62
63 return this;
64 }
65
66 public Permission HasPermission(string role, string resource)
67 {
68 if (!Roles.ContainsKey(role))
69 throw new KeyNotFoundException();
70
71 if (!Resources.ContainsKey(resource))
72 throw new KeyNotFoundException();
73
74 return Roles[role].RequestPermission(resource);
75 }
76
77 public ACL GrantPermission(string role, string resource)
78 {
79 if (!Roles.ContainsKey(role))
80 throw new KeyNotFoundException();
81
82 if (!Resources.ContainsKey(resource))
83 throw new KeyNotFoundException();
84
85 Roles[role].GivePermission(resource, Permission.Allow);
86
87 return this;
88 }
89
90 public ACL DenyPermission(string role, string resource)
91 {
92 if (!Roles.ContainsKey(role))
93 throw new KeyNotFoundException();
94
95 if (!Resources.ContainsKey(resource))
96 throw new KeyNotFoundException();
97
98 Roles[role].GivePermission(resource, Permission.Deny);
99
100 return this;
101 }
102
103 public ACL ResetPermission(string role, string resource)
104 {
105 if (!Roles.ContainsKey(role))
106 throw new KeyNotFoundException();
107
108 if (!Resources.ContainsKey(resource))
109 throw new KeyNotFoundException();
110
111 Roles[role].GivePermission(resource, Permission.None);
112
113 return this;
114 }
115 }
116
117 #endregion
118
119 #region Exceptions
120
121 /// <summary>
122 /// Thrown when an ACL attempts to add a duplicate role.
123 /// </summary>
124 public class AlreadyContainsRoleException : Exception
125 {
126 protected Role m_role;
127
128 public Role ErrorRole
129 {
130 get { return m_role; }
131 }
132
133 public AlreadyContainsRoleException(Role role)
134 {
135 m_role = role;
136 }
137
138 public override string ToString()
139 {
140 return "This ACL already contains a role called '" + m_role.Name + "'.";
141 }
142 }
143
144 #endregion
145
146 #region Roles and Resources
147
148 /// <summary>
149 /// Does this Role have permission to access a specified Resource?
150 /// </summary>
151 public enum Permission
152 {
153 Deny,
154 None,
155 Allow
156 } ;
157
158 /// <summary>
159 /// A role class, for use with Users or Groups
160 /// </summary>
161 public class Role
162 {
163 private string m_name;
164 private Role[] m_parents;
165 private Dictionary<string, Permission> m_resources = new Dictionary<string, Permission>();
166
167 public string Name
168 {
169 get { return m_name; }
170 }
171
172 public Permission RequestPermission(string resource)
173 {
174 return RequestPermission(resource, Permission.None);
175 }
176
177 public Permission RequestPermission(string resource, Permission current)
178 {
179 // Deny permissions always override any others
180 if (current == Permission.Deny)
181 return current;
182
183 Permission temp = Permission.None;
184
185 // Pickup non-None permissions
186 if (m_resources.ContainsKey(resource) && m_resources[resource] != Permission.None)
187 temp = m_resources[resource];
188
189 if (m_parents != null)
190 {
191 foreach (Role parent in m_parents)
192 {
193 temp = parent.RequestPermission(resource, temp);
194 }
195 }
196
197 return temp;
198 }
199
200 public void GivePermission(string resource, Permission perm)
201 {
202 m_resources[resource] = perm;
203 }
204
205 public Role(string name)
206 {
207 m_name = name;
208 m_parents = null;
209 }
210
211 public Role(string name, Role[] parents)
212 {
213 m_name = name;
214 m_parents = parents;
215 }
216 }
217
218 public class Resource
219 {
220 private string m_name;
221
222 public string Name
223 {
224 get { return m_name; }
225 }
226
227 public Resource(string name)
228 {
229 m_name = name;
230 }
231 }
232
233 #endregion
234
235 #region Tests
236
237 internal class ACLTester
238 {
239 public ACLTester()
240 {
241 ACL acl = new ACL();
242
243 Role Guests = new Role("Guests");
244 acl.AddRole(Guests);
245
246 Role[] parents = new Role[0];
247 parents[0] = Guests;
248
249 Role JoeGuest = new Role("JoeGuest", parents);
250 acl.AddRole(JoeGuest);
251
252 Resource CanBuild = new Resource("CanBuild");
253 acl.AddResource(CanBuild);
254
255
256 acl.GrantPermission("Guests", "CanBuild");
257
258 acl.HasPermission("JoeGuest", "CanBuild");
259 }
260 }
261
262 #endregion
263} \ No newline at end of file